1 to 25 of 33 OWASP Jobs in the South East

principles in customer-facing SaaS platforms. Deep understanding of application security and secure SDLC across modern stacks (JavaScript/React, C#/.NET, Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in More ❯

principles in customer-facing SaaS platforms. Deep understanding of application security and secure SDLC across modern stacks (JavaScript/React, C#/.NET, Azure services, containers). Knowledge of OWASP Top 10 and mitigation strategies. Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0). Hands-on experience with SAST/DAST tools and integration into SDLC. Proficiency in More ❯

and Azure DevOps (CI/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage More ❯

through deployment, oversee secure coding and testing, and drive operational maturity and resilience against evolving threats What you'll do: Define and govern secure architecture standards, aligned with NIST, OWASP, ISO 27001, and enterprise policies Lead DevSecOps integration, embedding automated security testing (SAST, DAST, SCA, container security) into CI/CD pipelines Oversee large-scale secure development programs, ensuring SLA More ❯

. Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485). Background in start-up or scale-up More ❯

Provide mentoring, training, and security awareness support to internal teams. Essential Skills & Experience Strong hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity More ❯

embedding security in agile development environments Hands-on knowledge of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail-oriented with strong More ❯

or supporting the higher education sector. Strong understanding of multi-tenant SaaS security. Knowledge of DevSecOps and integrating security in CI/CD pipelines. Familiarity with NIST, CIS Controls, OWASP, and other security frameworks. Awareness of global data protection and multi-jurisdictional privacy requirements. Experience supporting enterprise sales cycles with security expertise and assurance. Benefits: 25 days' holiday plus bank More ❯

reliable deployments. Collaborate with engineering teams to embed best practices for monitoring, security, and performance. Contribute to architectural decisions and technical design reviews. Ensure compliance with secure coding standards (OWASP, API security, web application best practices). Support automation, observability, and continuous improvement initiatives across the engineering organisation. ✅ You’ll Be a Great Fit If You... Have strong coding experience More ❯

processes and code quality. Governance and Compliance Contribute to and follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Ensure Senior and Junior Developers are well trained in application security practices and knowledge is kept up to date. Strategy Contribute to long-term technical planning, identify areas for More ❯

/Bonus - Research experience in edge AI or constrained/offline deployments. - MLOps experience (Sagemaker, Kubeflow, ZenML). - Experience building RESTful services around AI pipelines. - ISO 27001, NIST SSDF, OWASP SAMM, or GDPR compliance literacy. - Experience with AWS Karpenter, Prometheus, or similar observability stacks. Soft Skills Research-driven mindset, eager to experiment and iterate. Able to bridge the gap between More ❯

Agile working, mentoring and technical leadership Desirable: Azure AD, Enterprise Apps, Graph API, Azure AI Search Relational and non-relational database design, Entity Framework Postman, Selenium, Playwright Awareness of OWASP, PCI v4, licensing and IP protection Microsoft certifications Experience in travel or entertainment tech Apply today if you're ready to lead, architect and deliver robust Azure solutions at scale. More ❯

using technologies such as AWS Lambda, Spring Boot, NodeJS, Python FastAPI, Oracle, PostgreSQL, and MongoDB . Work within Agile and DevSecOps environments, utilising tooling such as Atlassian, Jenkins, GitLab, OWASP and AWS services. Apply Site Reliability Engineering principles to enhance reliability, resilience, and performance. Support technical decision-making, explaining trade-offs and best practices to clients and stakeholders. Contribute to More ❯

security tools and technologies (e.g. WAFs, AV, email/web gateways, ACLs). Expertise in secure coding practices and security testing (SAST, DAST, SCA, Pen Testing). Familiarity with OWASP Top 10, CWE, and remediation strategies. Hands-on experience with security testing tools and techniques. Excellent communication and documentation skills. Relevant certifications (e.g. CISSP, SANS GCIA, Security+, CCNA/CCNP More ❯

autonomously. Demonstrable expertise and understanding of API development/design and experience interfacing with disparate systems. Applicable understanding of software security, common exploits and secure development practices, including the OWASP Top 10. Proven and demonstrable understanding of testing methodologies and frameworks. Commercial experience with AWS and IaC (Terraform/CDK/CloudFormation) Commercial experience with Linux, Docker, Docker Compose, Git More ❯

Security Professional • PWB - Offensive Security : Penetration Testing with Back|Track • SANS GCIH - GIAC Certified Incident Handler • Major involvement in Network & Web Application vulnerability assessment and penetration tests utilising the OWASP and OSSTMM open standards and other standards. • Lead IT Security Assessment, Incident Response (CIRT), and Forensic Analysis tasks for several major manufacturers, law firms, utility and non-profit organisations. • Lead More ❯

implementing secure infrastructure or cloud architectures. o Proven experience with risk assessment methodologies and maintaining enterprise risk registers. o Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating). o Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks. o Experience conducting or supporting security audits and implementing remediation plans. o Proficiency More ❯

cloud environments. Collaborate with teams to embed security best practices into CI/CD pipelines and foster a security-first culture. Your Skills Hands-on experience with security tools (OWASP Zap, Trivy, Dependabot) in CI/CD Cloud security expertise in AWS and Azure Strong scripting skills (Node.js, Python, Bash) Knowledge of vulnerability management and secure DevOps practices Nice to More ❯

with Terraform , Docker , Kubernetes , and Git . Solid CI/CD and security automation skills. Knowledge of cloud security (IAM, encryption, network controls). Bonus: Cloud certifications, experience with OWASP ZAP or Burp Suite. You'll be part of a forward-thinking, impact-driven team blending science, technology, and innovation to improve global health outcomes. More ❯

consulting, applications, cloud, and infrastructure, you'll collaborate with brilliant colleagues and clients on truly impactful projects. What you'll do: Embed security across the SDLC, promoting secure coding (OWASP) Automate security in CI/CD workflows (SAST, DAST, IAST, SCA, IaC) Perform appsec testing, code reviews, and vulnerability remediation Drive secure DevOps culture through training, playbooks, and developer champions … Strengthen cloud & container security (AWS, Azure, GCP, Kubernetes, Docker) What you'll bring: 2-4 years' experience in AppSec/DevSecOps Hands-on with tools like Checkmarx, Veracode, SonarQube, OWASP ZAP Strong coding skills (Java, Python, JavaScript, Go, .NET) Familiar with CI/CD (Jenkins, GitHub Actions, Azure DevOps) and IaC (Terraform) Knowledge of OWASP Top 10, API security, and More ❯

improvement to development processes and code quality. Governance and Compliance Follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Keep training and knowledge on application security practices up to date. Strategy Support long-term technical planning, identify areas for improvement in existing systems and processes, and provide recommendations More ❯

Army or Defence background , ideally with knowledge of command, control, and intelligence systems . Deep understanding of architecture frameworks, design standards and methodologies. Experience with secure software development lifecycles , OWASP , GDPR , and NCSC Cloud Security Principles . Demonstrated ability to design and deliver secure, integrated solutions in sensitive or classified environments. Strong stakeholder engagement and communication skills, with the ability More ❯